Action not permitted
Modal body text goes here.
CVE-2019-14885
Vulnerability from cvelistv5
Published
2020-01-23 00:00
Modified
2024-08-05 00:26
Severity ?
EPSS score ?
Summary
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885 | Issue Tracking, Vendor Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:26:39.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JBoss EAP",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "All versions before 7.2.6.GA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-14885",
"datePublished": "2020-01-23T00:00:00",
"dateReserved": "2019-08-10T00:00:00",
"dateUpdated": "2024-08-05T00:26:39.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-14885\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-01-23T22:15:10.090\",\"lastModified\":\"2022-11-08T02:17:37.720\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un fallo en el sistema JBoss EAP Vault en todas las versiones anteriores a 7.2.6.GA. La informaci\u00f3n confidencial del valor del atributo de seguridad de la propiedad del sistema es revelada en el archivo de registro de JBoss EAP cuando se ejecuta un comando \\\"reload\\\" de la CLI de JBoss. Este fallo puede conllevar a la exposici\u00f3n de informaci\u00f3n confidencial.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]},{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-532\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.2.6\",\"matchCriteriaId\":\"1DD09F25-C666-447A-BBDD-A8C86AB9B7E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DDBD481-01D9-472E-9981-B888406CA39C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}"
}
}
rhsa-2020_0164
Vulnerability from csaf_redhat
Published
2020-01-21 02:23
Modified
2024-11-05 21:43
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening
on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is
revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in
HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package
(CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the
commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package
(CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an
externally exposed JSON endpoint and having apache-log4j-extra in the classpath
leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package
(CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package
(CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening\non HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is\nrevealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in\nHTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package\n(CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the\ncommons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package\n(CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an\nexternally exposed JSON endpoint and having apache-log4j-extra in the classpath\nleads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package\n(CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package\n(CVE-2019-17267)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0164",
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "JBEAP-17491",
"url": "https://issues.redhat.com/browse/JBEAP-17491"
},
{
"category": "external",
"summary": "JBEAP-17541",
"url": "https://issues.redhat.com/browse/JBEAP-17541"
},
{
"category": "external",
"summary": "JBEAP-17651",
"url": "https://issues.redhat.com/browse/JBEAP-17651"
},
{
"category": "external",
"summary": "JBEAP-17652",
"url": "https://issues.redhat.com/browse/JBEAP-17652"
},
{
"category": "external",
"summary": "JBEAP-17666",
"url": "https://issues.redhat.com/browse/JBEAP-17666"
},
{
"category": "external",
"summary": "JBEAP-17773",
"url": "https://issues.redhat.com/browse/JBEAP-17773"
},
{
"category": "external",
"summary": "JBEAP-17779",
"url": "https://issues.redhat.com/browse/JBEAP-17779"
},
{
"category": "external",
"summary": "JBEAP-17789",
"url": "https://issues.redhat.com/browse/JBEAP-17789"
},
{
"category": "external",
"summary": "JBEAP-17805",
"url": "https://issues.redhat.com/browse/JBEAP-17805"
},
{
"category": "external",
"summary": "JBEAP-17837",
"url": "https://issues.redhat.com/browse/JBEAP-17837"
},
{
"category": "external",
"summary": "JBEAP-17887",
"url": "https://issues.redhat.com/browse/JBEAP-17887"
},
{
"category": "external",
"summary": "JBEAP-17898",
"url": "https://issues.redhat.com/browse/JBEAP-17898"
},
{
"category": "external",
"summary": "JBEAP-17905",
"url": "https://issues.redhat.com/browse/JBEAP-17905"
},
{
"category": "external",
"summary": "JBEAP-17906",
"url": "https://issues.redhat.com/browse/JBEAP-17906"
},
{
"category": "external",
"summary": "JBEAP-17940",
"url": "https://issues.redhat.com/browse/JBEAP-17940"
},
{
"category": "external",
"summary": "JBEAP-17945",
"url": "https://issues.redhat.com/browse/JBEAP-17945"
},
{
"category": "external",
"summary": "JBEAP-17974",
"url": "https://issues.redhat.com/browse/JBEAP-17974"
},
{
"category": "external",
"summary": "JBEAP-17998",
"url": "https://issues.redhat.com/browse/JBEAP-17998"
},
{
"category": "external",
"summary": "JBEAP-18169",
"url": "https://issues.redhat.com/browse/JBEAP-18169"
},
{
"category": "external",
"summary": "JBEAP-18170",
"url": "https://issues.redhat.com/browse/JBEAP-18170"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0164.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 security update",
"tracking": {
"current_release_date": "2024-11-05T21:43:27+00:00",
"generator": {
"date": "2024-11-05T21:43:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:0164",
"initial_release_date": "2020-01-21T02:23:36+00:00",
"revision_history": [
{
"date": "2020-01-21T02:23:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-21T02:23:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T21:43:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2",
"product": {
"name": "Red Hat JBoss EAP 7.2",
"product_id": "Red Hat JBoss EAP 7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Dominik Mizyn"
],
"organization": "Samsung R\u0026D Institute Poland"
}
],
"cve": "CVE-2019-10219",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1738673"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: safeHTML validator allows XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10219"
},
{
"category": "external",
"summary": "RHBZ#1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219"
}
],
"release_date": "2019-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: safeHTML validator allows XSS"
},
{
"cve": "CVE-2019-14540",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755849"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14540"
},
{
"category": "external",
"summary": "RHBZ#1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig"
},
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"acknowledgments": [
{
"names": [
"Henning Baldersheim",
"H\u00e5vard Pettersen"
],
"organization": "Verizon Media"
}
],
"cve": "CVE-2019-14888",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1772464"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14888"
},
{
"category": "external",
"summary": "RHBZ#1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888"
}
],
"release_date": "2020-01-20T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS"
},
{
"cve": "CVE-2019-14892",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14892"
},
{
"category": "external",
"summary": "RHBZ#1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892"
}
],
"release_date": "2019-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package"
},
{
"cve": "CVE-2019-14893",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the xalan package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14893"
},
{
"category": "external",
"summary": "RHBZ#1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893"
}
],
"release_date": "2019-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the xalan package"
},
{
"cve": "CVE-2019-16335",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755831"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16335"
},
{
"category": "external",
"summary": "RHBZ#1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource"
},
{
"cve": "CVE-2019-16869",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16869"
},
{
"category": "external",
"summary": "RHBZ#1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869"
}
],
"release_date": "2019-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers"
},
{
"cve": "CVE-2019-16942",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758187"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16942"
},
{
"category": "external",
"summary": "RHBZ#1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*"
},
{
"cve": "CVE-2019-16943",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758191"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16943"
},
{
"category": "external",
"summary": "RHBZ#1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource"
},
{
"cve": "CVE-2019-17267",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758167"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the ehcache package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17267"
},
{
"category": "external",
"summary": "RHBZ#1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267"
}
],
"release_date": "2019-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the ehcache package"
},
{
"cve": "CVE-2019-17531",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775293"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17531"
},
{
"category": "external",
"summary": "RHBZ#1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531"
}
],
"release_date": "2019-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:23:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*"
}
]
}
rhsa-2020_2168
Vulnerability from csaf_redhat
Published
2020-05-14 11:46
Modified
2024-11-05 22:14
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.
Security Fix(es):
* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2168",
"url": "https://access.redhat.com/errata/RHSA-2020:2168"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2168.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update",
"tracking": {
"current_release_date": "2024-11-05T22:14:10+00:00",
"generator": {
"date": "2024-11-05T22:14:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:2168",
"initial_release_date": "2020-05-14T11:46:26+00:00",
"revision_history": [
{
"date": "2020-05-14T11:46:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-05-14T11:46:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:14:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 async",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 async",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4 async",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4 async"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-05-14T11:46:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. The JBoss server process must be restarted for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4 async"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2168"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4 async"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
}
]
}
rhsa-2020_2169
Vulnerability from csaf_redhat
Published
2020-05-14 12:14
Modified
2024-11-05 22:14
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.
Security Fix(es):
* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5, 6, and 7. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to this updated package.\n\nSecurity Fix(es):\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2169",
"url": "https://access.redhat.com/errata/RHSA-2020:2169"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2169.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update",
"tracking": {
"current_release_date": "2024-11-05T22:14:02+00:00",
"generator": {
"date": "2024-11-05T22:14:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:2169",
"initial_release_date": "2020-05-14T12:14:42+00:00",
"revision_history": [
{
"date": "2020-05-14T12:14:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-05-14T12:14:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:14:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.22-3.Final_redhat_4.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src"
},
"product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src"
},
"product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-05-14T12:14:42+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied. The JBoss server process must be restarted for the update to take effect.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2169"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el5.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el6.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.22-3.Final_redhat_4.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
}
]
}
rhsa-2020_0159
Vulnerability from csaf_redhat
Published
2020-01-21 02:57
Modified
2024-11-05 21:43
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package (CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the commons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package (CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an externally exposed JSON endpoint and having apache-log4j-extra in the classpath leads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package (CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package (CVE-2019-17267)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0159",
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "JBEAP-17491",
"url": "https://issues.redhat.com/browse/JBEAP-17491"
},
{
"category": "external",
"summary": "JBEAP-17541",
"url": "https://issues.redhat.com/browse/JBEAP-17541"
},
{
"category": "external",
"summary": "JBEAP-17651",
"url": "https://issues.redhat.com/browse/JBEAP-17651"
},
{
"category": "external",
"summary": "JBEAP-17652",
"url": "https://issues.redhat.com/browse/JBEAP-17652"
},
{
"category": "external",
"summary": "JBEAP-17666",
"url": "https://issues.redhat.com/browse/JBEAP-17666"
},
{
"category": "external",
"summary": "JBEAP-17773",
"url": "https://issues.redhat.com/browse/JBEAP-17773"
},
{
"category": "external",
"summary": "JBEAP-17779",
"url": "https://issues.redhat.com/browse/JBEAP-17779"
},
{
"category": "external",
"summary": "JBEAP-17789",
"url": "https://issues.redhat.com/browse/JBEAP-17789"
},
{
"category": "external",
"summary": "JBEAP-17805",
"url": "https://issues.redhat.com/browse/JBEAP-17805"
},
{
"category": "external",
"summary": "JBEAP-17834",
"url": "https://issues.redhat.com/browse/JBEAP-17834"
},
{
"category": "external",
"summary": "JBEAP-17837",
"url": "https://issues.redhat.com/browse/JBEAP-17837"
},
{
"category": "external",
"summary": "JBEAP-17887",
"url": "https://issues.redhat.com/browse/JBEAP-17887"
},
{
"category": "external",
"summary": "JBEAP-17898",
"url": "https://issues.redhat.com/browse/JBEAP-17898"
},
{
"category": "external",
"summary": "JBEAP-17905",
"url": "https://issues.redhat.com/browse/JBEAP-17905"
},
{
"category": "external",
"summary": "JBEAP-17906",
"url": "https://issues.redhat.com/browse/JBEAP-17906"
},
{
"category": "external",
"summary": "JBEAP-17940",
"url": "https://issues.redhat.com/browse/JBEAP-17940"
},
{
"category": "external",
"summary": "JBEAP-17945",
"url": "https://issues.redhat.com/browse/JBEAP-17945"
},
{
"category": "external",
"summary": "JBEAP-17974",
"url": "https://issues.redhat.com/browse/JBEAP-17974"
},
{
"category": "external",
"summary": "JBEAP-17998",
"url": "https://issues.redhat.com/browse/JBEAP-17998"
},
{
"category": "external",
"summary": "JBEAP-18169",
"url": "https://issues.redhat.com/browse/JBEAP-18169"
},
{
"category": "external",
"summary": "JBEAP-18170",
"url": "https://issues.redhat.com/browse/JBEAP-18170"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0159.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 6 security update",
"tracking": {
"current_release_date": "2024-11-05T21:43:18+00:00",
"generator": {
"date": "2024-11-05T21:43:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:0159",
"initial_release_date": "2020-01-21T02:57:45+00:00",
"revision_history": [
{
"date": "2020-01-21T02:57:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-21T02:57:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T21:43:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-21.SP12_redhat_00010.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.14-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.18-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.42-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.5-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-3.Final_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.11-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.11-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.11-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.10-2.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.6-5.GA_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.6-5.GA_redhat_00001.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.10-1.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.18-2.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Dominik Mizyn"
],
"organization": "Samsung R\u0026D Institute Poland"
}
],
"cve": "CVE-2019-10219",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1738673"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: safeHTML validator allows XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10219"
},
{
"category": "external",
"summary": "RHBZ#1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219"
}
],
"release_date": "2019-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: safeHTML validator allows XSS"
},
{
"cve": "CVE-2019-14540",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755849"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14540"
},
{
"category": "external",
"summary": "RHBZ#1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig"
},
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"acknowledgments": [
{
"names": [
"Henning Baldersheim",
"H\u00e5vard Pettersen"
],
"organization": "Verizon Media"
}
],
"cve": "CVE-2019-14888",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1772464"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14888"
},
{
"category": "external",
"summary": "RHBZ#1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888"
}
],
"release_date": "2020-01-20T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS"
},
{
"cve": "CVE-2019-14892",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14892"
},
{
"category": "external",
"summary": "RHBZ#1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892"
}
],
"release_date": "2019-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package"
},
{
"cve": "CVE-2019-14893",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the xalan package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14893"
},
{
"category": "external",
"summary": "RHBZ#1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893"
}
],
"release_date": "2019-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the xalan package"
},
{
"cve": "CVE-2019-16335",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755831"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16335"
},
{
"category": "external",
"summary": "RHBZ#1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource"
},
{
"cve": "CVE-2019-16869",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16869"
},
{
"category": "external",
"summary": "RHBZ#1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869"
}
],
"release_date": "2019-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers"
},
{
"cve": "CVE-2019-16942",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758187"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16942"
},
{
"category": "external",
"summary": "RHBZ#1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*"
},
{
"cve": "CVE-2019-16943",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758191"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16943"
},
{
"category": "external",
"summary": "RHBZ#1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource"
},
{
"cve": "CVE-2019-17267",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758167"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the ehcache package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17267"
},
{
"category": "external",
"summary": "RHBZ#1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267"
}
],
"release_date": "2019-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the ehcache package"
},
{
"cve": "CVE-2019-17531",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775293"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17531"
},
{
"category": "external",
"summary": "RHBZ#1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531"
}
],
"release_date": "2019-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T02:57:45+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*"
}
]
}
rhsa-2020_0161
Vulnerability from csaf_redhat
Published
2020-01-21 03:22
Modified
2024-11-05 21:43
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening
on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is
revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in
HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package
(CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the
commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package
(CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an
externally exposed JSON endpoint and having apache-log4j-extra in the classpath
leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package
(CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package
(CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening\non HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is\nrevealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in\nHTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package\n(CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the\ncommons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package\n(CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an\nexternally exposed JSON endpoint and having apache-log4j-extra in the classpath\nleads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package\n(CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package\n(CVE-2019-17267)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0161",
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "JBEAP-17491",
"url": "https://issues.redhat.com/browse/JBEAP-17491"
},
{
"category": "external",
"summary": "JBEAP-17541",
"url": "https://issues.redhat.com/browse/JBEAP-17541"
},
{
"category": "external",
"summary": "JBEAP-17651",
"url": "https://issues.redhat.com/browse/JBEAP-17651"
},
{
"category": "external",
"summary": "JBEAP-17652",
"url": "https://issues.redhat.com/browse/JBEAP-17652"
},
{
"category": "external",
"summary": "JBEAP-17666",
"url": "https://issues.redhat.com/browse/JBEAP-17666"
},
{
"category": "external",
"summary": "JBEAP-17773",
"url": "https://issues.redhat.com/browse/JBEAP-17773"
},
{
"category": "external",
"summary": "JBEAP-17779",
"url": "https://issues.redhat.com/browse/JBEAP-17779"
},
{
"category": "external",
"summary": "JBEAP-17789",
"url": "https://issues.redhat.com/browse/JBEAP-17789"
},
{
"category": "external",
"summary": "JBEAP-17805",
"url": "https://issues.redhat.com/browse/JBEAP-17805"
},
{
"category": "external",
"summary": "JBEAP-17836",
"url": "https://issues.redhat.com/browse/JBEAP-17836"
},
{
"category": "external",
"summary": "JBEAP-17837",
"url": "https://issues.redhat.com/browse/JBEAP-17837"
},
{
"category": "external",
"summary": "JBEAP-17887",
"url": "https://issues.redhat.com/browse/JBEAP-17887"
},
{
"category": "external",
"summary": "JBEAP-17898",
"url": "https://issues.redhat.com/browse/JBEAP-17898"
},
{
"category": "external",
"summary": "JBEAP-17905",
"url": "https://issues.redhat.com/browse/JBEAP-17905"
},
{
"category": "external",
"summary": "JBEAP-17906",
"url": "https://issues.redhat.com/browse/JBEAP-17906"
},
{
"category": "external",
"summary": "JBEAP-17940",
"url": "https://issues.redhat.com/browse/JBEAP-17940"
},
{
"category": "external",
"summary": "JBEAP-17945",
"url": "https://issues.redhat.com/browse/JBEAP-17945"
},
{
"category": "external",
"summary": "JBEAP-17974",
"url": "https://issues.redhat.com/browse/JBEAP-17974"
},
{
"category": "external",
"summary": "JBEAP-17998",
"url": "https://issues.redhat.com/browse/JBEAP-17998"
},
{
"category": "external",
"summary": "JBEAP-18169",
"url": "https://issues.redhat.com/browse/JBEAP-18169"
},
{
"category": "external",
"summary": "JBEAP-18170",
"url": "https://issues.redhat.com/browse/JBEAP-18170"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0161.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 security update",
"tracking": {
"current_release_date": "2024-11-05T21:43:46+00:00",
"generator": {
"date": "2024-11-05T21:43:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:0161",
"initial_release_date": "2020-01-21T03:22:56+00:00",
"revision_history": [
{
"date": "2020-01-21T03:22:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-21T03:22:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T21:43:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-21.SP12_redhat_00010.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.14-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.18-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.42-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-3.Final_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.11-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.10-2.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.6-5.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.6-5.GA_redhat_00001.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.10-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.18-2.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Dominik Mizyn"
],
"organization": "Samsung R\u0026D Institute Poland"
}
],
"cve": "CVE-2019-10219",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1738673"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: safeHTML validator allows XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10219"
},
{
"category": "external",
"summary": "RHBZ#1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219"
}
],
"release_date": "2019-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: safeHTML validator allows XSS"
},
{
"cve": "CVE-2019-14540",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755849"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14540"
},
{
"category": "external",
"summary": "RHBZ#1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig"
},
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"acknowledgments": [
{
"names": [
"Henning Baldersheim",
"H\u00e5vard Pettersen"
],
"organization": "Verizon Media"
}
],
"cve": "CVE-2019-14888",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1772464"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14888"
},
{
"category": "external",
"summary": "RHBZ#1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888"
}
],
"release_date": "2020-01-20T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS"
},
{
"cve": "CVE-2019-14892",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14892"
},
{
"category": "external",
"summary": "RHBZ#1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892"
}
],
"release_date": "2019-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package"
},
{
"cve": "CVE-2019-14893",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the xalan package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14893"
},
{
"category": "external",
"summary": "RHBZ#1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893"
}
],
"release_date": "2019-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the xalan package"
},
{
"cve": "CVE-2019-16335",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755831"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16335"
},
{
"category": "external",
"summary": "RHBZ#1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource"
},
{
"cve": "CVE-2019-16869",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16869"
},
{
"category": "external",
"summary": "RHBZ#1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869"
}
],
"release_date": "2019-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers"
},
{
"cve": "CVE-2019-16942",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758187"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16942"
},
{
"category": "external",
"summary": "RHBZ#1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*"
},
{
"cve": "CVE-2019-16943",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758191"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16943"
},
{
"category": "external",
"summary": "RHBZ#1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource"
},
{
"cve": "CVE-2019-17267",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758167"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the ehcache package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17267"
},
{
"category": "external",
"summary": "RHBZ#1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267"
}
],
"release_date": "2019-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the ehcache package"
},
{
"cve": "CVE-2019-17531",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775293"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17531"
},
{
"category": "external",
"summary": "RHBZ#1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531"
}
],
"release_date": "2019-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:22:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*"
}
]
}
rhsa-2020_2781
Vulnerability from csaf_redhat
Published
2020-07-01 10:57
Modified
2024-11-05 22:24
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2781",
"url": "https://access.redhat.com/errata/RHSA-2020:2781"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html",
"url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html"
},
{
"category": "external",
"summary": "1700855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855"
},
{
"category": "external",
"summary": "1708467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467"
},
{
"category": "external",
"summary": "1710432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710432"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542"
},
{
"category": "external",
"summary": "1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "1816579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579"
},
{
"category": "external",
"summary": "1816629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629"
},
{
"category": "external",
"summary": "1819214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2781.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update",
"tracking": {
"current_release_date": "2024-11-05T22:24:16+00:00",
"generator": {
"date": "2024-11-05T22:24:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:2781",
"initial_release_date": "2020-07-01T10:57:21+00:00",
"revision_history": [
{
"date": "2020-07-01T10:57:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-01T10:57:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:24:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"product": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"product": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"product": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src",
"product": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src",
"product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"product": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"product": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"product": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src"
},
"product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch"
},
"product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src"
},
"product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch"
},
"product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src"
},
"product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch"
},
"product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
},
"product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T10:57:21+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2781"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T10:57:21+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2781"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5.src",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
}
]
}
rhsa-2020_2783
Vulnerability from csaf_redhat
Published
2020-07-01 11:21
Modified
2024-11-05 22:24
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2783",
"url": "https://access.redhat.com/errata/RHSA-2020:2783"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html",
"url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "1700855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855"
},
{
"category": "external",
"summary": "1708467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542"
},
{
"category": "external",
"summary": "1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "1816579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579"
},
{
"category": "external",
"summary": "1816629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629"
},
{
"category": "external",
"summary": "1819214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2783.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update",
"tracking": {
"current_release_date": "2024-11-05T22:24:02+00:00",
"generator": {
"date": "2024-11-05T22:24:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:2783",
"initial_release_date": "2020-07-01T11:21:09+00:00",
"revision_history": [
{
"date": "2020-07-01T11:21:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-01T11:21:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:24:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T11:21:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2783"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T11:21:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2783"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
}
]
}
rhsa-2020_0160
Vulnerability from csaf_redhat
Published
2020-01-21 03:47
Modified
2024-11-05 21:43
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 7 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening
on HTTPS (CVE-2019-14888)
* jboss-cli: JBoss EAP: Vault system property security attribute value is
revealed on CLI 'reload' command (CVE-2019-14885)
* netty: HTTP request smuggling by mishandled whitespace before the colon in
HTTP headers (CVE-2019-16869)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariConfig (CVE-2019-14540)
* jackson-databind: Serialization gadgets in classes of the commons-dbcp package
(CVE-2019-16942)
* jackson-databind: Serialization gadgets in classes of the
commons-configuration package (CVE-2019-14892)
* jackson-databind: polymorphic typing issue related to
com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
* jackson-databind: Serialization gadgets in classes of the p6spy package
(CVE-2019-16943)
* jackson-databind: polymorphic typing issue when enabling default typing for an
externally exposed JSON endpoint and having apache-log4j-extra in the classpath
leads to code execution (CVE-2019-17531)
* jackson-databind: Serialization gadgets in classes of the xalan package
(CVE-2019-14893)
* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)
* jackson-databind: Serialization gadgets in classes of the ehcache package
(CVE-2019-17267)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.5, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.6 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening\non HTTPS (CVE-2019-14888)\n\n* jboss-cli: JBoss EAP: Vault system property security attribute value is\nrevealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in\nHTTP headers (CVE-2019-16869)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariConfig (CVE-2019-14540)\n\n* jackson-databind: Serialization gadgets in classes of the commons-dbcp package\n(CVE-2019-16942)\n\n* jackson-databind: Serialization gadgets in classes of the\ncommons-configuration package (CVE-2019-14892)\n\n* jackson-databind: polymorphic typing issue related to\ncom.zaxxer.hikari.HikariDataSource (CVE-2019-16335)\n\n* jackson-databind: Serialization gadgets in classes of the p6spy package\n(CVE-2019-16943)\n\n* jackson-databind: polymorphic typing issue when enabling default typing for an\nexternally exposed JSON endpoint and having apache-log4j-extra in the classpath\nleads to code execution (CVE-2019-17531)\n\n* jackson-databind: Serialization gadgets in classes of the xalan package\n(CVE-2019-14893)\n\n* hibernate-validator: safeHTML validator allows XSS (CVE-2019-10219)\n\n* jackson-databind: Serialization gadgets in classes of the ehcache package\n(CVE-2019-17267)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0160",
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "JBEAP-17491",
"url": "https://issues.redhat.com/browse/JBEAP-17491"
},
{
"category": "external",
"summary": "JBEAP-17541",
"url": "https://issues.redhat.com/browse/JBEAP-17541"
},
{
"category": "external",
"summary": "JBEAP-17651",
"url": "https://issues.redhat.com/browse/JBEAP-17651"
},
{
"category": "external",
"summary": "JBEAP-17652",
"url": "https://issues.redhat.com/browse/JBEAP-17652"
},
{
"category": "external",
"summary": "JBEAP-17666",
"url": "https://issues.redhat.com/browse/JBEAP-17666"
},
{
"category": "external",
"summary": "JBEAP-17773",
"url": "https://issues.redhat.com/browse/JBEAP-17773"
},
{
"category": "external",
"summary": "JBEAP-17779",
"url": "https://issues.redhat.com/browse/JBEAP-17779"
},
{
"category": "external",
"summary": "JBEAP-17789",
"url": "https://issues.redhat.com/browse/JBEAP-17789"
},
{
"category": "external",
"summary": "JBEAP-17805",
"url": "https://issues.redhat.com/browse/JBEAP-17805"
},
{
"category": "external",
"summary": "JBEAP-17835",
"url": "https://issues.redhat.com/browse/JBEAP-17835"
},
{
"category": "external",
"summary": "JBEAP-17837",
"url": "https://issues.redhat.com/browse/JBEAP-17837"
},
{
"category": "external",
"summary": "JBEAP-17887",
"url": "https://issues.redhat.com/browse/JBEAP-17887"
},
{
"category": "external",
"summary": "JBEAP-17898",
"url": "https://issues.redhat.com/browse/JBEAP-17898"
},
{
"category": "external",
"summary": "JBEAP-17905",
"url": "https://issues.redhat.com/browse/JBEAP-17905"
},
{
"category": "external",
"summary": "JBEAP-17906",
"url": "https://issues.redhat.com/browse/JBEAP-17906"
},
{
"category": "external",
"summary": "JBEAP-17940",
"url": "https://issues.redhat.com/browse/JBEAP-17940"
},
{
"category": "external",
"summary": "JBEAP-17945",
"url": "https://issues.redhat.com/browse/JBEAP-17945"
},
{
"category": "external",
"summary": "JBEAP-17974",
"url": "https://issues.redhat.com/browse/JBEAP-17974"
},
{
"category": "external",
"summary": "JBEAP-17998",
"url": "https://issues.redhat.com/browse/JBEAP-17998"
},
{
"category": "external",
"summary": "JBEAP-18169",
"url": "https://issues.redhat.com/browse/JBEAP-18169"
},
{
"category": "external",
"summary": "JBEAP-18170",
"url": "https://issues.redhat.com/browse/JBEAP-18170"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0160.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 7 security update",
"tracking": {
"current_release_date": "2024-11-05T21:43:36+00:00",
"generator": {
"date": "2024-11-05T21:43:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:0160",
"initial_release_date": "2020-01-21T03:47:51+00:00",
"revision_history": [
{
"date": "2020-01-21T03:47:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-21T03:47:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T21:43:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-21.SP12_redhat_00010.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.14-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.18-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.42-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-3.Final_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.11-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.11-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.11-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-7.Final_redhat_00007.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.10-2.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.6-5.GA_redhat_00001.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-6.SP3_redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.19-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-3.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-21.SP12_redhat_00010.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.28-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.8-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-3.SP2_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.1-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.14-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.18-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.42-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.5-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.8-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"product_id": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-3.Final_redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.11-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-binary@2.9.10-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.10-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.10-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-dataformats-text@2.9.10-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.10-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.10-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.18-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-7.Final_redhat_00007.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.10-2.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.6-5.GA_redhat_00001.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Dominik Mizyn"
],
"organization": "Samsung R\u0026D Institute Poland"
}
],
"cve": "CVE-2019-10219",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1738673"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: safeHTML validator allows XSS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform\u0027s OpenDaylight will not be updated for this flaw because it is being deprecated and is only receiving security fixes for Important and Critical flaws.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10219"
},
{
"category": "external",
"summary": "RHBZ#1738673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10219",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10219"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10219"
}
],
"release_date": "2019-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: safeHTML validator allows XSS"
},
{
"cve": "CVE-2019-14540",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755849"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14540"
},
{
"category": "external",
"summary": "RHBZ#1755849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14540"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariConfig being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig"
},
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"acknowledgments": [
{
"names": [
"Henning Baldersheim",
"H\u00e5vard Pettersen"
],
"organization": "Verizon Media"
}
],
"cve": "CVE-2019-14888",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-10-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1772464"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14888"
},
{
"category": "external",
"summary": "RHBZ#1772464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14888"
}
],
"release_date": "2020-01-20T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "Enable HTTP2 (enable-http2=\"true\") in the undertow\u0027s HTTPS settings.",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS"
},
{
"cve": "CVE-2019-14892",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the commons-configuration package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14892"
},
{
"category": "external",
"summary": "RHBZ#1758171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14892"
}
],
"release_date": "2019-09-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the commons-configuration package"
},
{
"cve": "CVE-2019-14893",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758182"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the xalan package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14893"
},
{
"category": "external",
"summary": "RHBZ#1758182",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758182"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14893"
}
],
"release_date": "2019-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the xalan package"
},
{
"cve": "CVE-2019-16335",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1755831"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nSatellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16335"
},
{
"category": "external",
"summary": "RHBZ#1755831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755831"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16335"
}
],
"release_date": "2019-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "This vulnerability relies on com.zaxxer.hikari.HikariDataSource being present in the application\u0027s ClassPath. Hikari is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use com.zaxxer.hikari are not impacted by this vulnerability.\n\nA mitigation to this class of problem in jackson-databind is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource"
},
{
"cve": "CVE-2019-16869",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16869"
},
{
"category": "external",
"summary": "RHBZ#1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869"
}
],
"release_date": "2019-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers"
},
{
"cve": "CVE-2019-16942",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758187"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16942"
},
{
"category": "external",
"summary": "RHBZ#1758187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16942"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*"
},
{
"cve": "CVE-2019-16943",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758191"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16943"
},
{
"category": "external",
"summary": "RHBZ#1758191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758191"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16943"
}
],
"release_date": "2019-09-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource"
},
{
"cve": "CVE-2019-17267",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758167"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in classes of the ehcache package",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17267"
},
{
"category": "external",
"summary": "RHBZ#1758167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17267"
}
],
"release_date": "2019-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in classes of the ehcache package"
},
{
"cve": "CVE-2019-17531",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775293"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenShift Container Platform does ship the vulnerable component, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17531"
},
{
"category": "external",
"summary": "RHBZ#1775293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775293"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17531"
}
],
"release_date": "2019-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-21T03:47:51+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.11-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.11-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-6.SP3_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.14-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.14-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.18-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.18-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.1-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-binary-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-dataformats-text-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.10-2.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.10-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-7.Final_redhat_00007.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-7.Final_redhat_00007.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-3.SP2_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-netty-0:4.1.42-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-netty-all-0:4.1.42-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-21.SP12_redhat_00010.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-21.SP12_redhat_00010.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.28-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-3.Final_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.6-5.GA_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.18-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.6-5.GA_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.8-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*"
}
]
}
rhsa-2020_2779
Vulnerability from csaf_redhat
Published
2020-07-01 10:57
Modified
2024-11-05 22:24
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat Enterprise Linux 5 are advised to upgrade to these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2779",
"url": "https://access.redhat.com/errata/RHSA-2020:2779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html",
"url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html"
},
{
"category": "external",
"summary": "1700855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855"
},
{
"category": "external",
"summary": "1708467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467"
},
{
"category": "external",
"summary": "1710433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710433"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542"
},
{
"category": "external",
"summary": "1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "1816579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579"
},
{
"category": "external",
"summary": "1816629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629"
},
{
"category": "external",
"summary": "1819214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2779.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update",
"tracking": {
"current_release_date": "2024-11-05T22:24:27+00:00",
"generator": {
"date": "2024-11-05T22:24:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:2779",
"initial_release_date": "2020-07-01T10:57:42+00:00",
"revision_history": [
{
"date": "2020-07-01T10:57:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-01T10:57:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:24:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"product": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"product": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"product": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"product": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src",
"product": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src",
"product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"product": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"product": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"product": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src"
},
"product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src"
},
"product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch"
},
"product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src"
},
"product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch"
},
"product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src"
},
"product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch"
},
"product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
},
"product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T10:57:42+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2779"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T10:57:42+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2779"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el6.src",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
}
]
}
rhsa-2020_0951
Vulnerability from csaf_redhat
Published
2020-03-23 20:13
Modified
2024-11-05 21:55
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)
* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)
* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
* wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)
* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)
* netty: HTTP request smuggling (CVE-2019-20444)
* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)
* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* libthrift: thrift: Endless loop when feed with specific input data (CVE-2019-0205)\n\n* libthrift: thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol (CVE-2019-0210)\n\n* commons-beanutils: apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)\n\n* xmlsec: xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source (CVE-2019-12400)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\n* wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use (CVE-2019-14887)\n\n* jackson-databind: lacks certain net.sf.ehcache blocking (CVE-2019-20330)\n\n* netty: HTTP request smuggling (CVE-2019-20444)\n\n* netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header (CVE-2019-20445)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)\n\n* keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP (CVE-2020-1744)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0951",
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"category": "external",
"summary": "1764607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764607"
},
{
"category": "external",
"summary": "1764612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764612"
},
{
"category": "external",
"summary": "1764658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764658"
},
{
"category": "external",
"summary": "1767483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767483"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772008"
},
{
"category": "external",
"summary": "1793154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793154"
},
{
"category": "external",
"summary": "1796225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796225"
},
{
"category": "external",
"summary": "1798509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798509"
},
{
"category": "external",
"summary": "1798524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798524"
},
{
"category": "external",
"summary": "1805792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805792"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0951.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.7 security update",
"tracking": {
"current_release_date": "2024-11-05T21:55:56+00:00",
"generator": {
"date": "2024-11-05T21:55:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:0951",
"initial_release_date": "2020-03-23T20:13:32+00:00",
"revision_history": [
{
"date": "2020-03-23T20:13:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-03-23T20:13:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T21:55:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.3",
"product": {
"name": "Red Hat Single Sign-On 7.3",
"product_id": "Red Hat Single Sign-On 7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-0205",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1764612"
}
],
"notes": [
{
"category": "description",
"text": "In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thrift: Endless loop when feed with specific input data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight does not expose libthrift in a vulnerable way, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe thrift package in OpenShift Container Platform is installed only in Curator images in the Logging stack. The affected code is included in this package, it\u0027s functionality is not used. This vulnerability is therefore rated Low for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0205"
},
{
"category": "external",
"summary": "RHBZ#1764612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0205",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0205"
}
],
"release_date": "2019-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "thrift: Endless loop when feed with specific input data"
},
{
"cve": "CVE-2019-0210",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1764607"
}
],
"notes": [
{
"category": "description",
"text": "In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains a vulnerable version of libthrift. However, OpenDaylight is not affected as this is a Golang specific problem, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe version of thrift delivered in OpenShift Container Platform is not affected by this vulnerability as it does not contain the affected code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0210"
},
{
"category": "external",
"summary": "RHBZ#1764607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0210"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0210",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0210"
}
],
"release_date": "2019-10-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol"
},
{
"cve": "CVE-2019-10086",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-10-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1767483"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is not suppressed by default. This flaw allows an attacker to access the classloader.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10086"
},
{
"category": "external",
"summary": "RHBZ#1767483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767483"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086"
},
{
"category": "external",
"summary": "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt",
"url": "https://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.4/RELEASE-NOTES.txt"
}
],
"release_date": "2019-08-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"Red Hat Single Sign-On 7.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default"
},
{
"cve": "CVE-2019-12400",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-08-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1764658"
}
],
"notes": [
{
"category": "description",
"text": "In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this implementation might be cached and re-used by Apache Santuario - XML Security for Java, leading to potential security flaws when validating signed documents, etc. The vulnerability affects Apache Santuario - XML Security for Java 2.0.x releases from 2.0.3 and all 2.1.x releases before 2.1.4.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12400"
},
{
"category": "external",
"summary": "RHBZ#1764658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1764658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12400"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12400",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12400"
}
],
"release_date": "2019-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source"
},
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"cve": "CVE-2019-14887",
"cwe": {
"id": "CWE-757",
"name": "Selection of Less-Secure Algorithm During Negotiation (\u0027Algorithm Downgrade\u0027)"
},
"discovery_date": "2019-11-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1772008"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found when an OpenSSL security provider is used with Wildfly, the \u0027enabled-protocols\u0027 value in the Wildfly configuration isn\u0027t honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14887"
},
{
"category": "external",
"summary": "RHBZ#1772008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772008"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14887",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14887"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14887",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14887"
}
],
"release_date": "2020-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "workaround",
"details": "Avoid using an OpenSSL security provider and instead use the default configuration or regular JSSE provider with \u0027TLS\u0027.",
"product_ids": [
"Red Hat Single Sign-On 7.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: The \u0027enabled-protocols\u0027 value in legacy security is not respected if OpenSSL security provider is in use"
},
{
"cve": "CVE-2019-20330",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793154"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: lacks certain net.sf.ehcache blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20330"
},
{
"category": "external",
"summary": "RHBZ#1793154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20330",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20330"
}
],
"release_date": "2020-01-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat Single Sign-On 7.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: lacks certain net.sf.ehcache blocking"
},
{
"cve": "CVE-2019-20444",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2020-01-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1798524"
}
],
"notes": [
{
"category": "description",
"text": "A HTTP smuggling flaw was found in HttpObjectDecoder.java in Netty in versions prior to version 4.1.44. HTTP headers with an invalid fold, in this case CRLF (carriage return, line feed) without being followed by SP (space) or HTAB (horizontal tab), result in situations where headers can be misread. Data integrity is the highest threat with this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that the previous vulnerability, CVE-2019-16869, does not pose a substantial practical threat to ElasticSearch 6. We agree that these issues would be difficult to exploit on OpenShift Container Platform so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20444"
},
{
"category": "external",
"summary": "RHBZ#1798524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798524"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20444",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20444"
},
{
"category": "external",
"summary": "https://github.com/elastic/elasticsearch/issues/49396",
"url": "https://github.com/elastic/elasticsearch/issues/49396"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"Red Hat Single Sign-On 7.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP request smuggling"
},
{
"cve": "CVE-2019-20445",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2020-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1798509"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a server, it could result in a viable HTTP smuggling vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships a vulnerable version of netty embedded in Candlepin. However, the flaw can not be triggered in that context, because HTTP requests are handled by Tomcat, not by netty. A future release may fix this.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20445"
},
{
"category": "external",
"summary": "RHBZ#1798509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20445"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"Red Hat Single Sign-On 7.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header"
},
{
"cve": "CVE-2020-1744",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"discovery_date": "2020-02-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805792"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in keycloak. BruteForceProtector does not handle Conditional OTP Authentication Flow login failure events due to these events not being sent to the brute force protection event queue. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1744"
},
{
"category": "external",
"summary": "RHBZ#1805792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805792"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1744",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1744"
}
],
"release_date": "2020-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP"
},
{
"cve": "CVE-2020-7238",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2020-01-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1796225"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-7238"
},
{
"category": "external",
"summary": "RHBZ#1796225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796225"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7238",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7238"
},
{
"category": "external",
"summary": "https://netty.io/news/2019/12/18/4-1-44-Final.html",
"url": "https://netty.io/news/2019/12/18/4-1-44-Final.html"
}
],
"release_date": "2020-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-23T20:13:32+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0951"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"Red Hat Single Sign-On 7.3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.3"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling"
}
]
}
rhsa-2020_2780
Vulnerability from csaf_redhat
Published
2020-07-01 10:55
Modified
2024-11-05 22:24
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4
for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)
* JBoss EAP: Vault system property security attribute value is revealed on CLI 'reload' command (CVE-2019-14885)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in the
References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat
Enterprise Linux 5 are advised to upgrade to these updated packages. The JBoss
server process must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4\nfor Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.22, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)\n\n* JBoss EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command (CVE-2019-14885)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in the\nReferences section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 on Red Hat\nEnterprise Linux 5 are advised to upgrade to these updated packages. The JBoss\nserver process must be restarted for the update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2780",
"url": "https://access.redhat.com/errata/RHSA-2020:2780"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html",
"url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html"
},
{
"category": "external",
"summary": "1700855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700855"
},
{
"category": "external",
"summary": "1708467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708467"
},
{
"category": "external",
"summary": "1710434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710434"
},
{
"category": "external",
"summary": "1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "1772542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772542"
},
{
"category": "external",
"summary": "1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "1816579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816579"
},
{
"category": "external",
"summary": "1816629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816629"
},
{
"category": "external",
"summary": "1819214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819214"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2780.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update",
"tracking": {
"current_release_date": "2024-11-05T22:24:42+00:00",
"generator": {
"date": "2024-11-05T22:24:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:2780",
"initial_release_date": "2020-07-01T10:55:01+00:00",
"revision_history": [
{
"date": "2020-07-01T10:55:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-01T10:55:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:24:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-common-spi-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-core-impl-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-deployers-common-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-jdbc-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-spec-api-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-validator-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"product": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"product": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"product": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"product": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"product_id": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ironjacamar-eap6@1.0.44-1.Final_redhat_00001.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-29.SP31_redhat_00001.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src",
"product": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src",
"product_id": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/weld-core@1.1.34-2.Final_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"product": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"product_id": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbosgi-repository@2.1.0-3.Final_redhat_3.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.31-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"product": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"product_id": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jsf12-eap6@1.2.15-11.b01_SP2_redhat_2.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"product": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"product_id": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-remoting3-jmx@1.1.4-2.Final_redhat_00001.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.23-2.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.23-4.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.23-3.Final_redhat_00002.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src"
},
"product_reference": "glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src"
},
"product_reference": "ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch"
},
"product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src"
},
"product_reference": "jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch"
},
"product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src"
},
"product_reference": "jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch"
},
"product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
},
"product_reference": "weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-14885",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-10-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1770615"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the JBoss EAP Vault system. Confidential information of the system property\u2019s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14885"
},
{
"category": "external",
"summary": "RHBZ#1770615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1770615"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14885",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14885"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
}
],
"release_date": "2020-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T10:55:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2780"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: Vault system property security attribute value is revealed on CLI \u0027reload\u0027 command"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-01T10:55:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2780"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:glassfish-jsf12-eap6-0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el7.src",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-29.SP31_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-common-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-common-spi-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-core-impl-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-deployers-common-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:ironjacamar-jdbc-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-spec-api-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:ironjacamar-validator-eap6-0:1.0.44-1.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbosgi-repository-0:2.1.0-3.Final_redhat_3.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-remoting3-jmx-0:1.1.4-2.Final_redhat_00001.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.23-2.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.23-3.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.23-4.Final_redhat_00002.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.31-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:weld-core-0:1.1.34-2.Final_redhat_2.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
}
]
}
ghsa-cxpp-v3rm-fq33
Vulnerability from github
Published
2022-05-24 17:07
Modified
2022-10-07 18:15
Severity ?
Details
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
{
"affected": [],
"aliases": [
"CVE-2019-14885"
],
"database_specific": {
"cwe_ids": [
"CWE-532"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-23T22:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"id": "GHSA-cxpp-v3rm-fq33",
"modified": "2022-10-07T18:15:56Z",
"published": "2022-05-24T17:07:10Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14885"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
gsd-2019-14885
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-14885",
"description": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"id": "GSD-2019-14885",
"references": [
"https://access.redhat.com/errata/RHSA-2020:2783",
"https://access.redhat.com/errata/RHSA-2020:2781",
"https://access.redhat.com/errata/RHSA-2020:2780",
"https://access.redhat.com/errata/RHSA-2020:2779",
"https://access.redhat.com/errata/RHSA-2020:2169",
"https://access.redhat.com/errata/RHSA-2020:2168",
"https://access.redhat.com/errata/RHSA-2020:0951",
"https://access.redhat.com/errata/RHSA-2020:0164",
"https://access.redhat.com/errata/RHSA-2020:0161",
"https://access.redhat.com/errata/RHSA-2020:0160",
"https://access.redhat.com/errata/RHSA-2020:0159"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-14885"
],
"details": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information.",
"id": "GSD-2019-14885",
"modified": "2023-12-13T01:23:52.750877Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-14885",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JBoss EAP",
"version": {
"version_data": [
{
"version_value": "All versions before 7.2.6.GA"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.6:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.2.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-14885"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property\u0027s security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI \u0027reload\u0027 command. This flaw can lead to the exposure of confidential information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14885"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
},
"lastModifiedDate": "2022-11-08T02:17Z",
"publishedDate": "2020-01-23T22:15Z"
}
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.