Action not permitted
Modal body text goes here.
CVE-2020-14384
Vulnerability from cvelistv5
Published
2020-09-09 13:17
Modified
2024-08-04 12:46
Severity ?
EPSS score ?
Summary
A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.
References
▼ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1875176 | Issue Tracking, Vendor Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T12:46:33.309Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "JBossWeb", "vendor": "n/a", "versions": [ { "status": "affected", "version": "JBossWeb versions before 7.5.31.Final-redhat-3" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-09T13:17:28", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-14384", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "JBossWeb", "version": { "version_data": [ { "version_value": "JBossWeb versions before 7.5.31.Final-redhat-3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-14384", "datePublished": "2020-09-09T13:17:28", "dateReserved": "2020-06-17T00:00:00", "dateUpdated": "2024-08-04T12:46:33.309Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-14384\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-09-09T14:15:12.397\",\"lastModified\":\"2021-11-04T18:30:09.153\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 un fallo en JBossWeb en versiones anteriores a 7.5.31.Final-redhat-3.\u0026#xa0;La correcci\u00f3n para CVE-2020-13935 estaba incompleta en JBossWeb, dej\u00e1ndolo vulnerable a un ataque de denegaci\u00f3n de servicio cuando se env\u00edan m\u00faltiples peticiones con una longitud de carga \u00fatil no v\u00e1lida en una trama WebSocket.\u0026#xa0;La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B142ACCC-F7A9-4A3B-BE60-0D6691D5058D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jbossweb:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.5.31.final-redhat-3\",\"matchCriteriaId\":\"F499B38F-82F7-4BAF-9221-39FBA20FC64A\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1875176\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}" } }
rhsa-2022_5460
Vulnerability from csaf_redhat
Published
2022-06-30 19:14
Modified
2024-11-22 23:06
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)
* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:5460", "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/installation_guide/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/installation_guide/index" }, { "category": "external", "summary": "1857024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857024" }, { "category": "external", "summary": "1871928", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871928" }, { "category": "external", "summary": "1873619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873619" }, { "category": "external", "summary": "1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "2041949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949" }, { "category": "external", "summary": "2041959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959" }, { "category": "external", "summary": "2041967", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5460.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update", "tracking": { "current_release_date": "2024-11-22T23:06:05+00:00", "generator": { "date": "2024-11-22T23:06:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:5460", "initial_release_date": "2022-06-30T19:14:26+00:00", "revision_history": [ { "date": "2022-06-30T19:14:26+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-06-30T19:14:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T23:06:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "product": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "product_id": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.45-2.Final_redhat_2.1.ep6.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src", "product": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src", "product_id": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.32-2.Final_redhat_1.2.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.24-1.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_id": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "product": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "product_id": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.45-2.Final_redhat_2.1.ep6.el7?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "product": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "product_id": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.32-2.Final_redhat_1.2.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.24-1.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_id": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.24-2.Final_redhat_00001.1.ep6.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch" }, "product_reference": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src" }, "product_reference": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch" }, "product_reference": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" }, "product_reference": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-13935", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-07-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857024" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Tomcat, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there is no entry point for WebSockets, thus it is not possible to trigger the flaw in a supported setup. A future update may fix the code. Similarly, Red Hat OpenStack Platform 13 does not ship with WebSocket functionality enabled by default.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13935" }, { "category": "external", "summary": "RHBZ#1857024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13935", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13935" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13935", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13935" }, { "category": "external", "summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E", "url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E" }, { "category": "external", "summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7", "url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57" }, { "category": "external", "summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37", "url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37" } ], "release_date": "2020-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:14:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS" }, { "cve": "CVE-2020-14384", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1875176" } ], "notes": [ { "category": "description", "text": "A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14384" }, { "category": "external", "summary": "RHBZ#1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14384", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384" } ], "release_date": "2020-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:14:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS" }, { "cve": "CVE-2021-4104", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031667" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4104" }, { "category": "external", "summary": "RHBZ#2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301" }, { "category": "external", "summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", "url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/13/1" } ], "release_date": "2021-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:14:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender" }, { "cve": "CVE-2022-23302", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041949" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink", "title": "Vulnerability summary" }, { "category": "other", "text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23302" }, { "category": "external", "summary": "RHBZ#2041949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23302" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/3" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:14:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink" }, { "cve": "CVE-2022-23305", "cwe": { "id": "CWE-89", "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041959" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23305" }, { "category": "external", "summary": "RHBZ#2041959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23305" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/4" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:14:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender" }, { "cve": "CVE-2022-23307", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041967" } ], "notes": [ { "category": "description", "text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer", "title": "Vulnerability summary" }, { "category": "other", "text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23307" }, { "category": "external", "summary": "RHBZ#2041967", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23307" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/5" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:14:26+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5460" }, { "category": "workaround", "details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)", "product_ids": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el7.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer" } ] }
rhsa-2022_5459
Vulnerability from csaf_redhat
Published
2022-06-30 19:00
Modified
2024-11-22 23:06
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)
* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:5459", "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/installation_guide/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/installation_guide/index" }, { "category": "external", "summary": "1857024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857024" }, { "category": "external", "summary": "1871928", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871928" }, { "category": "external", "summary": "1873620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873620" }, { "category": "external", "summary": "1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "2041949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949" }, { "category": "external", "summary": "2041959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959" }, { "category": "external", "summary": "2041967", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5459.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update", "tracking": { "current_release_date": "2024-11-22T23:06:13+00:00", "generator": { "date": "2024-11-22T23:06:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:5459", "initial_release_date": "2022-06-30T19:00:12+00:00", "revision_history": [ { "date": "2022-06-30T19:00:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-06-30T19:00:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T23:06:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "product": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "product_id": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.45-2.Final_redhat_2.1.ep6.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src", "product": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src", "product_id": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.32-2.Final_redhat_1.2.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.24-1.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_id": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "product": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "product_id": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossts@4.17.45-2.Final_redhat_2.1.ep6.el6?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "product": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "product_id": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.32-2.Final_redhat_1.2.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.24-1.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-version@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-server@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-network@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-web@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-security@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-domain@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-core@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_id": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.24-2.Final_redhat_00001.1.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src" }, "product_reference": "jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch" }, "product_reference": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src" }, "product_reference": "jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch" }, "product_reference": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" }, "product_reference": "jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-13935", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-07-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857024" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Tomcat, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there is no entry point for WebSockets, thus it is not possible to trigger the flaw in a supported setup. A future update may fix the code. Similarly, Red Hat OpenStack Platform 13 does not ship with WebSocket functionality enabled by default.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13935" }, { "category": "external", "summary": "RHBZ#1857024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13935", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13935" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13935", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13935" }, { "category": "external", "summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E", "url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E" }, { "category": "external", "summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7", "url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57" }, { "category": "external", "summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37", "url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37" } ], "release_date": "2020-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:00:12+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS" }, { "cve": "CVE-2020-14384", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1875176" } ], "notes": [ { "category": "description", "text": "A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14384" }, { "category": "external", "summary": "RHBZ#1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14384", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384" } ], "release_date": "2020-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:00:12+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS" }, { "cve": "CVE-2021-4104", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031667" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4104" }, { "category": "external", "summary": "RHBZ#2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301" }, { "category": "external", "summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", "url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/13/1" } ], "release_date": "2021-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:00:12+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender" }, { "cve": "CVE-2022-23302", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041949" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink", "title": "Vulnerability summary" }, { "category": "other", "text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23302" }, { "category": "external", "summary": "RHBZ#2041949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23302" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/3" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:00:12+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink" }, { "cve": "CVE-2022-23305", "cwe": { "id": "CWE-89", "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041959" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23305" }, { "category": "external", "summary": "RHBZ#2041959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23305" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/4" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:00:12+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender" }, { "cve": "CVE-2022-23307", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041967" } ], "notes": [ { "category": "description", "text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer", "title": "Vulnerability summary" }, { "category": "other", "text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23307" }, { "category": "external", "summary": "RHBZ#2041967", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23307" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/5" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T19:00:12+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5459" }, { "category": "workaround", "details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)", "product_ids": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-network-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-security-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-server-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-version-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-web-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-core-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-domain-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.24-1.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.24-2.Final_redhat_00001.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossts-1:4.17.45-2.Final_redhat_2.1.ep6.el6.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.32-2.Final_redhat_1.2.ep6.el6.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer" } ] }
rhsa-2022_5458
Vulnerability from csaf_redhat
Published
2022-06-30 18:34
Modified
2024-11-22 23:05
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)
* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important.\n\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.24 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.23 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 6.4.24 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:5458", "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/installation_guide/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/html-single/installation_guide/index" }, { "category": "external", "summary": "1857024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857024" }, { "category": "external", "summary": "1871928", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871928" }, { "category": "external", "summary": "1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "2041949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949" }, { "category": "external", "summary": "2041959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959" }, { "category": "external", "summary": "2041967", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_5458.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.24 security update", "tracking": { "current_release_date": "2024-11-22T23:05:58+00:00", "generator": { "date": "2024-11-22T23:05:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:5458", "initial_release_date": "2022-06-30T18:34:28+00:00", "revision_history": [ { "date": "2022-06-30T18:34:28+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-06-30T18:34:28+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T23:05:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "EAP 6.4.24 release", "product": { "name": "EAP 6.4.24 release", "product_id": "EAP 6.4.24 release", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-13935", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-07-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1857024" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache Tomcat, where the payload length in a WebSocket frame was not correctly validated. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there is no entry point for WebSockets, thus it is not possible to trigger the flaw in a supported setup. A future update may fix the code. Similarly, Red Hat OpenStack Platform 13 does not ship with WebSocket functionality enabled by default.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 6.4.24 release" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-13935" }, { "category": "external", "summary": "RHBZ#1857024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13935", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13935" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13935", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13935" }, { "category": "external", "summary": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E", "url": "http://mail-archives.apache.org/mod_mbox/tomcat-announce/202007.mbox/%3C39e4200c-6f4e-b85d-fe4b-a9c2bd5fdc3d%40apache.org%3E" }, { "category": "external", "summary": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7", "url": "http://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.0.0-M7" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.105" }, { "category": "external", "summary": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57", "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.57" }, { "category": "external", "summary": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37", "url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.37" } ], "release_date": "2020-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T18:34:28+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 6.4.24 release" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "EAP 6.4.24 release" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "EAP 6.4.24 release" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS" }, { "cve": "CVE-2020-14384", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1875176" } ], "notes": [ { "category": "description", "text": "A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 6.4.24 release" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14384" }, { "category": "external", "summary": "RHBZ#1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14384", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384" } ], "release_date": "2020-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T18:34:28+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 6.4.24 release" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "EAP 6.4.24 release" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "EAP 6.4.24 release" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS" }, { "cve": "CVE-2021-4104", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-12-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2031667" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker\u0027s JNDI LDAP endpoint.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker\u0027s JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker\u0027s control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 6.4.24 release" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-4104" }, { "category": "external", "summary": "RHBZ#2031667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031667" }, { "category": "external", "summary": "RHSB-2021-009", "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-4104", "url": "https://www.cve.org/CVERecord?id=CVE-2021-4104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4104" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126" }, { "category": "external", "summary": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", "url": "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301" }, { "category": "external", "summary": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", "url": "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/12/13/1", "url": "https://www.openwall.com/lists/oss-security/2021/12/13/1" } ], "release_date": "2021-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T18:34:28+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 6.4.24 release" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "EAP 6.4.24 release" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "EAP 6.4.24 release" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender" }, { "cve": "CVE-2022-23302", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041949" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink", "title": "Vulnerability summary" }, { "category": "other", "text": "Note this flaw ONLY affects applications which are specifically configured to use JMSSink, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSSink to the attacker\u0027s JNDI LDAP endpoint.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JMSSink is not used. Therefore the impact of this vulnerability for these products is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 6.4.24 release" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23302" }, { "category": "external", "summary": "RHBZ#2041949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041949" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23302", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23302" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23302" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/3", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/3" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T18:34:28+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 6.4.24 release" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSSink in the Log4j configuration if it is used\n- Remove the JMSSink class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSSink.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", "product_ids": [ "EAP 6.4.24 release" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "EAP 6.4.24 release" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink" }, { "cve": "CVE-2022-23305", "cwe": { "id": "CWE-89", "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041959" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", "title": "Vulnerability summary" }, { "category": "other", "text": "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 6.4.24 release" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23305" }, { "category": "external", "summary": "RHBZ#2041959", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041959" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23305", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23305" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23305" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/4", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/4" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T18:34:28+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 6.4.24 release" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "workaround", "details": "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server\u0027s jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```", "product_ids": [ "EAP 6.4.24 release" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "EAP 6.4.24 release" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender" }, { "cve": "CVE-2022-23307", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-01-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2041967" } ], "notes": [ { "category": "description", "text": "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: Unsafe deserialization flaw in Chainsaw log viewer", "title": "Vulnerability summary" }, { "category": "other", "text": "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "EAP 6.4.24 release" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23307" }, { "category": "external", "summary": "RHBZ#2041967", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041967" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23307", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23307" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23307" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2022/01/18/5", "url": "https://www.openwall.com/lists/oss-security/2022/01/18/5" } ], "release_date": "2022-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-06-30T18:34:28+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "EAP 6.4.24 release" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:5458" }, { "category": "workaround", "details": "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)", "product_ids": [ "EAP 6.4.24 release" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "EAP 6.4.24 release" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "log4j: Unsafe deserialization flaw in Chainsaw log viewer" } ] }
rhsa-2020_3731
Vulnerability from csaf_redhat
Published
2020-09-14 11:04
Modified
2024-11-22 15:38
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.
Security Fix(es):
* jbossweb: tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis asynchronous patch is an update for JBoss Enterprise Application Platform 6.4. All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.\n\nSecurity Fix(es):\n\n* jbossweb: tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS (CVE-2020-13935)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3731", "url": "https://access.redhat.com/errata/RHSA-2020:3731" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/6.4/" }, { "category": "external", "summary": "1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "1875869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875869" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3731.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update", "tracking": { "current_release_date": "2024-11-22T15:38:27+00:00", "generator": { "date": "2024-11-22T15:38:27+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:3731", "initial_release_date": "2020-09-14T11:04:51+00:00", "revision_history": [ { "date": "2020-09-14T11:04:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-09-14T11:04:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T15:38:27+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4", "product_id": "Red Hat JBoss Enterprise Application Platform 6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-14384", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1875176" } ], "notes": [ { "category": "description", "text": "A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14384" }, { "category": "external", "summary": "RHBZ#1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14384", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384" } ], "release_date": "2020-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-14T11:04:51+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3731" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.4" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS" } ] }
rhsa-2020_3730
Vulnerability from csaf_redhat
Published
2020-09-14 11:19
Modified
2024-11-22 15:38
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.23 includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.
Security Fix(es):
* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
All users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.23 includes bug fixes and enhancements, which are documented in the Release Notes document listed in the References section.\n\nSecurity Fix(es):\n\n* jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS (CVE-2020-14384)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.\n\nAll users of Red Hat JBoss Enterprise Application Platform 6.4 are advised to upgrade to these updated packages.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3730", "url": "https://access.redhat.com/errata/RHSA-2020:3730" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html", "url": "https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.4/index.html" }, { "category": "external", "summary": "1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3730.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4 security update", "tracking": { "current_release_date": "2024-11-22T15:38:18+00:00", "generator": { "date": "2024-11-22T15:38:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:3730", "initial_release_date": "2020-09-14T11:19:35+00:00", "revision_history": [ { "date": "2020-09-14T11:19:35+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-09-14T11:19:35+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T15:38:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "product": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "product_id": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-3.Final_redhat_3.1.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "product": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "product_id": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-3.Final_redhat_3.1.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "product": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "product_id": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-3.Final_redhat_3.1.ep6.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "product": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "product_id": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-3.Final_redhat_3.1.ep6.el6?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "product": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "product_id": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-3.Final_redhat_3.1.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src", "product": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src", "product_id": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.5.31-3.Final_redhat_3.1.ep6.el7?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch" }, "product_reference": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server", "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src" }, "product_reference": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch" }, "product_reference": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server", "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src" }, "product_reference": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch" }, "product_reference": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "relates_to_product_reference": "7Server-JBEAP-6.4" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src" }, "product_reference": "jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src", "relates_to_product_reference": "7Server-JBEAP-6.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-14384", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-09-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1875176" } ], "notes": [ { "category": "description", "text": "A flaw was found in jbossweb. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-14384" }, { "category": "external", "summary": "RHBZ#1875176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14384", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384" } ], "release_date": "2020-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-14T11:19:35+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3730" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.noarch", "5Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el5.src", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.noarch", "6Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el6.src", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.noarch", "7Server-JBEAP-6.4:jbossweb-0:7.5.31-3.Final_redhat_3.1.ep6.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jbossweb: Incomplete fix of CVE-2020-13935 for WebSocket in JBossWeb could lead to DoS" } ] }
ghsa-8793-frgg-7jvv
Vulnerability from github
Published
2022-05-24 17:27
Modified
2022-05-24 17:27
Details
A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.
{ "affected": [], "aliases": [ "CVE-2020-14384" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-09-09T14:15:00Z", "severity": "MODERATE" }, "details": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "id": "GHSA-8793-frgg-7jvv", "modified": "2022-05-24T17:27:37Z", "published": "2022-05-24T17:27:37Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14384" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2020-14384
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2020-14384", "description": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "id": "GSD-2020-14384", "references": [ "https://access.redhat.com/errata/RHSA-2020:3731", "https://access.redhat.com/errata/RHSA-2020:3730", "https://access.redhat.com/errata/RHSA-2022:5458", "https://access.redhat.com/errata/RHSA-2022:5459", "https://access.redhat.com/errata/RHSA-2022:5460" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-14384" ], "details": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability.", "id": "GSD-2020-14384", "modified": "2023-12-13T01:22:00.433789Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-14384", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "JBossWeb", "version": { "version_data": [ { "version_value": "JBossWeb versions before 7.5.31.Final-redhat-3" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:redhat:jbossweb:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "7.5.31.final-redhat-3", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-14384" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 was incomplete in JBossWeb, leaving it vulnerable to a denial of service attack when sending multiple requests with invalid payload length in a WebSocket frame. The highest threat from this vulnerability is to system availability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176", "refsource": "MISC", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875176" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2021-11-04T18:30Z", "publishedDate": "2020-09-09T14:15Z" } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.